CVE-2015-8765

8.3HIGH

Key Information:

Vendor: Mcafee
Status: Epolicy Orchestrator
Vendor: CVE Published:; 8 January 2016

Summary

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

https://www.kb.cert.org/vuls/id/576313

third-party-advisoryx_refsource_CERT-VN

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 8, 2016